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ABSTRACT 



Methods for approximating the system hazard function are 
developed for systems which have constant component failure 
rates. The approximations are applicable to systems which 
are "highly reliable," e.g., all component reliabilities 
greater than 0.9 and system reliability greater than 0.95. 

Three approximations are developed. The first-order ap- 
proximation is based on the system cuts of least size 
(smallest cuts) . The fix-up approximation is based on the 
minimal cuts of the system and is an extension of the methods 
used in NAVWEPS OD 29304. The second-order approximation is 
a more accurate extension of the first-order approximation. 

The advantages peculiar to each of these approximations 

are : 

(1) first-order: easy to calculate, 

(2) fix-up: never leads to an overestimate of system 

reliability , 

(3) second-order: relatively more accurate. 



2 



TABLE OF CONTENTS 



I. INTRODUCTION 4 

II. DEFINITIONS AND EXAMPLES 7 

A. SYSTEM STRUCTURE 7 

1. Condition Vector 7 

2. Structure Function 8 

3. Cut 8 

4. Cut Size and System Width 9 

5. Failed Component Set 9 

6. Minimal Cut 9 

7. Sets of Cuts 10 

B. PROBABILISTIC RELIABILITY FUNCTIONS 10 

1. Reliability Function 10 

2. System Reliability in Terms of Cuts 12 

3. Hazard Function 14 

4. Failure Rate 15 

III. FIRST-ORDER APPROXIMATIONS 16 

IV. FIX-UP AND SECOND-ORDER APPROXIMATIONS 24 

A. THE FIX-UP APPROXIMATION 24 

B. THE SECOND-ORDER APPROXIMATION 27 

LIST OF REFERENCES 39 

INITIAL DISTRIBUTION LIST 40 

FORM DD 1473 42 



3 



I. 



INTRODUCTION 



This thesis deals with probabilistic approximations for 
system reliability as opposed to statistical estimators of 
component or system failure rates. The problem addressed 
herein is that of approximating the probability of failure as 
a function of time for a system whose components have known 
(or estimated) constant failure rates. 

It has been shown (1) that a system of constant failure 
rate components will not have a constant system failure rate 
unless all components are in series. When all components are 
in series the system failure rate is the sum of the component 
failure rates, a simple calculation requiring no approxima- 
tions. When all components are not in series the system fail- 
ure rate is a function of time; usually it is a rather 
complicated function. In the latter case simple approxima- 
tions have great practical usefulness. 

The function approximated in this thesis is the system 
hazard function. The hazard function is a very convenient 
device when a system consists of a series of subsystems, and 
some of the subsystems have components in parallel. The sys- 
tem hazard function is simply the sum of the subsystem 
hazard functions, and the system reliability is the exponen- 
tial of the negative of the system hazard function. The only 
difficulty in determining system reliability, then, is deter- 
mining the hazard function for those subsystems which do not 
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have all components in series. It is to this end that simple 
approximate methods for determining the hazard function are 
developed in this paper. 

The system hazard function can be formulated as a function 
of the component failure rates and of time (mission length) . 
Bounds on the value of the hazard function for any mission 
length are developed in [2] . The approximations developed 
in this paper are useful for systems of variable mission 
length, however, the accuracy of the approximations is gener- 
ally acceptable only in the range of mission lengths for 
which system reliability is "high" (e.g., component reliabil- 
ities at least 0.9 and system reliability at least 0.95). 

Three methods of approximating the system hazard function 
are developed in this paper: 

(1) first-order approximation 

(2) fix-up approximation 

(3) second-order approximation. 

The first-order approximation has the form a(Xt)k when compo- 
nent failure rates are all equal. When component failure 
rates are not all equal the first-order approximation has the 
form £ll (X ^t) . The fix-up and the second-order approximations 
are made up of terms of the same form as the first-order 
approximation. The fix-up approximation is an extension of 
the methods used in [3]. When the methods of [3] can be 
applied unambiguous ly they give the same result as the fix-up 
approximation . 



5 



None of these approximations requires the complete compu- 
tation of the system reliability function. This is of 
definite practical advantage in complex systems. 
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II. DEFINITIONS AND EXAMPLES 



A convenient vehicle for illustrating definitions is 
the 2-out-of-3 system. A 2-out-of-3 system consists of 
three components: it functions if any two components func- 

tion or all three components function. If less than two 
components function, the system fails. 

A. SYSTEM STRUCTURE 

All components and systems are considered to be two-state 
devices in the sense that they either "function" or "fail." 

We use the symbol to represent the state of the i-th 
component : 

x^ = 0 if the i-th component fails, 

=1 if the i-th component functions. 

1 . Condition Vector 

In a system consisting of n components the vector 
x = (x^,...,x ) represents the state of all the components 
in the system. We say x describes the "condition" of the sys- 
tem. Superscripts are used to distinguish different conditions 
of the system, e.g., x , x^ . 

The possible conditions of a 2-out-of-3 system are 
shown in Figure 1. 
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Figure 1. Conditions of a 2-out-of-3 System. 

2 . Structure Function 

The structure functio’n 4>(x) indicates the state of 
the system (function or fail) when it is in the condition 
described by x: 

4>(x) =0 if the system fails in condition x, 

=1 if the system functions in condition x. 

Considering the conditions of a 2-out-of-3 system 
shown in Fig. 1, we see for example that: 

4>(x ) = 0 (only component No. 3 functions; system fails), 

<Mx^) = 1 (components Nos. 1 and 3 function; system 
functions) . 

3 . Cut 

The approximations developed in this thesis are closely 
related to those conditions of the system in which it fails. 

We define a cut as any condition in which the system fails, 
i.e., condition x is a cut if 4>(x)=0. 

The 2-out-of-3 system has four cuts: x 1= (0,0,0), 

x^=(0,0,l), x^=(0,l,0) and x^=(l,0,0). The system fails if it 
is in any of these four conditions. 
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4 . Cut Size and System Width 



The size of a cut x, s(x), is defined as the number 
of failed components in the condition described by x. For 
example, in Fig. 1 the size of x^=(0,0,0) is s(x-*-) = 3, and 
the size of x^=(0,0,l) is s(x^) = 2. 

The width of the system, m, is defined as the smallest 
size of any cut, i.e., the least number of failed components 
that can cause the system to fail. In a 2-out-of-3 system at 
least two components must fail in order that the system fails, 
so the system width is m = 2. 

5 . Failed Component Set 

For any condition x the failed component set 0(x) is 
defined as the set of indices of the components that are 
failed when the system is in the condition described by x. 

In Fig. 1, O(x^) = {2,3} and O(x^) = {1}. 

6 . Minimal Cut 

The concept of a "minimal" cut is important in the 
approximations developed in this paper. A cut x is a minimal 
cut if it has the following property: the "repair" of any 

failed component in the cut causes the system to function. In 
the 2-out-of-3 system the conditions x^ , x^ and x^ are minimal 
cuts; x-*- is not a minimal cut. In general, a cut x ^ is said 
to "contain" a cut x B if 0(x B ) is a proper subset of 0 (x A ) . 
Consequently, a minimal cut contains no other cuts. In Fig. 

1, O(x^) = {1,2} is a proper subset of O(x^) = {1,2,3}; x^ is 
a cut, therefore, x-'- is not a minimal cut. Note that if the 
size of a cut equals the system width, then the cut is 
minimal . 
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7. Sets of Cuts 



We define K as the set of all cuts of the system and 

K as the set of all cuts of size s. C is defined as the 
s s 

number of cuts of size s. For the 2-out-of-3 system we have 



K = { 



X ,x ,x ,x 



} 



= the empty set 

K 2 = {x 2 ,x 3 ,x 4 } 

K = {x 1 } 

3 



C 1 = ° 

C 2 = 3 
c 3 = 1. 



B. PROBABILISTIC RELIABILITY FUNCTIONS 



So far the probabilistic and time dependent characteristics 
of the component and system states have been suppressed. It is 
assumed, however, that only probabilistic statements can be 
made about the state of the components and the system, and 
that these statements have time as an independent variable. 

A system consisting of two components in series provides a 
convenient example for illustrating the definitions of this 
section. Such a system functions only if both components 
function; if either component or both components fail, then 
the system fails. 

1 . Reliability Function 

In the example of a two- component series system an 
important question is, "Will component No. 1 still be func- 
tioning at time t?" The state of component No. 1, x^, is 
considered a probabilistic function of time, i.e., x^ = X^(t), 
a random variable. So a more meaningful form of the above 
question is, "What is the probability x^=l at time t?" The 
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answer to this question is called the component reliability 
function , F^ (t) . 

In general, for any i-th component the component reli- 
ability function F^(t) is defined as 

F (t) = Pr(i-th component is functioning at time t) 
i 

= Pr (X i (t) = 1) . 

The form of the component reliability function depends 

on the reliability characteristics of the component. In the 

two-component series system example the "exponential lifetime" 

form is used, i.e., 

-X t 

F 1 (t) = e ? 

-X t 

F 2 (t) = e 2 

where X and X are positive constants. 

12 

Turning our attention to the system we might ask, "What 
is the probability that the system is still functioning at 
time t?" The answer to this question is called the system 
reliability function F(t), i.e., 

F(t) = Pr (system is functioning at time t) . 

In the two-component series system the system reli- 
ability function is 

F(t) = Pr(both components are functioning at time t) 

= F (t) F 2 (t) 




- (X 1 + V* 



11 



2 . System Reliability in Terms of Cuts 



There are various methods for computing system reli- 
ability. The following method, although it appears rather 
cumbersome, proves useful in developing hazard function 
approximations . 

For any condition of the system, x, define p(x) as 
the probability that the system is in condition x at time t. 

It is assumed that the failure times of the components in the 
system are independent random variables. Consequently, p(x) 
equals the product of the probabilities that each component 
is in the state described by condition x. 

The four possible conditions of a two-component series 
system are shown in Fig. 2. 




Figure 2. Conditions of a Two-Component Series System. 



In condition x^ the component states are x^=0 (No. 1 

component has failed) and x 2 = l (No. 2 component is functioning) . 

So, p(x^) = Pr(No. 1 comp, has failed and No. 2 comp, is 
functioning) . 

= Pr(No. 1 comp, has failed) Pr(No. 2 comp, is 
functioning . 

But, Pr(No. 1 comp, has failed) = 1 - Pr(No. 1 comp, is 

functioning) 



= 1 
= 1 



F 1 (t) 
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-A t 

Also, Pr(No. 2 comp, is functioning) = e 

-A 1 1 -\.t 

Thus, p(x) = (1-e )e 

The probability that the system has failed equals 
the probability that it is in a condition which is a cut. 

The conditions of a system are mutually exclusive (if the sys- 
tem is in condition x A it is not in any other condition x B ) . 
Consequently, we can sum the probabilities of the conditions 
that are cuts to get the probability that the system has 
failed. 



The two-component series system has three conditions 
which are cuts, i.e., 

K = {xl,x 2 ,x 3 }. 

The probability this system has failed is the sum over the 

conditions in K of the probabilities of being in those 

conditions, i.e., 

Pr (system has failed) = £ p(x) 

xeK 

= p (x 1 ) + p (x 2 ) + p (x 3 ) . 

Using the component reliability functions, F^(t) and F^(t), 



-At -A 2 t 

we have: p(x -L ) = (1-e ) (1-e ) 

- -A . t -A t 

p(x 2 ) = (1-e 1 )e 2 



p (x 3 ) = e 1 (1-e 2 ) . 



Summing these, 



Pr (system has failed) 



-(A ,+A )t 
1-e 12 
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Thus, F ( t ) = Pr (system is functioning) 

= 1 - Pr (system has failed) 

-(A +A )t 
= e 1 1 

The foregoing method of calculating system reliability 
in terms of cuts has three significant characteristics: 

(1) It can be used for any system. 

(2) It requires only a knowledge of the conditions 
which are cuts. 

(3) Cuts which have relatively small probability can 
be ignored in order to simplify the calculation 
of approximate system reliability. 

3 . Hazard Function 

For the i-th component the component hazard function 
R^(t) is defined by 

R. (t) = -log F. (t) . 

l l 

The system hazard function R(t) is similarly defined 
by 

R ( t) = -log F ( t ) . 

In the two-component series system we have 
-A t 

R ± (t) = -log e = X x t, 

-A 2 t 

R 2 ( t ) = -log e = A 2 t, 

- (A , +A _ ) t 

R ( t ) = -log e ^ (A 1 +A 2 )t. 

Note that in this series system the system hazard function 
is the sum of the component hazard functions, i.e., 

R ( t ) = R 1 (t) + R 2 (t) . 
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The hazard function is very convenient to use when 
dealing with systems which can be represented as a series of 
subsystems. Each subsystem hazard function can be calculated 
or approximated, and the system hazard function is then simply 
the sum of the subsystem hazard functions. The system reli- 
ability is the negative exponential of the system hazard 

— p ft:) 

function, i.e., F(t) = e 
4 . Failure Rate 

For the i-th component the component failure rate 
r^(t) is defined by 

r . (t) = d R. (t) . 

1 dt 

The system failure rate r(t) is similarly defined by 

r ( t) = d_ R ( t) . 
dt 

(These definitions agree with the classical definition of 

failure rate in terms of the probability density function and 

the reliability function.) 

In the two-component series system we have 

r, (t) = d R (t) = d_ A.t = A , 
dt 1 dt 1 i 

r (t) = d_ R ? (t) = d_A t = A , 

2 dt dt 1 1 

r(t) = d_ R(t) = d_(A +A )t = A. + A . 
dt dt 1 2 

Note that the component failure rates, A ^ and A^ f are con- 

. 

stant. An exponential lifetime (F^(t)=e ) is equivalent 

to a constant failure rate (r^(t)=A^). 

In the systems considered in this thesis all compo- 
nents have constant failure rates. 
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III. FIRST-ORDER APPROXIMATIONS 



The problem to be dealt with here is that of determining 
the hazard function for a large system in which all compo- 
nents have constant failure rates. It is assumed that the 
large system consists of a series of subsystems. Those sub- 
systems which consist of a single component or a series of 
components may be treated separately; the hazard function for 
this group is simply the sum of the component hazard functions. 
An exact formulation of the hazard function for the more com- 
plex subsystems is often difficult. The approximations 
developed in this section provide a relatively simple method 
for approximating the hazard function for these complex 
subsystems . 

(The "systems" referred to in this section should be con- 
sidered as subsystems within a larger system. These "systems" 
always have more than one component and are more complex than 
a simple series of components.) 

Initially, consider first-order approximations for sys- 
tems in which all failure rates are equal to some constant 
A ( > 0 ) . Once the method is illustrated in this special case, 
the generalization to systems in which component failure rates 
are not all equal is rather straightforward. 

The following example shows a direct technique for deriv- 
ing a first-order approximation to the hazard function. 
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Example 3-1. Consider a system consisting of three com- 



ponents each having constant failure rate X . The system 
functions if and only if two or more of its components func- 
tion (2-out-of-3 system) . 

The component reliability functions are 

F.(t) = e“ xt i = 1,2,3. 

The system reliability function is 
F(t) = 3e -2xt - 2e 3Xt . 

Expand the exponentials in the system reliability function 

using e -x = 1 - x + x£ - x^_ + . . . . 

21 3! 

We then have 



F ( t ) = 3(1 - 2Xt + 4 (X t ) 2 - 8 (X t) 3 + ...) 

21 3! 

-2(1 - 3X t + 9 (X t) 2 - 27 (X t ) 3 + ...) 

2 1 3! 

= 1 -3 (X t) 2 + 5 (X t ) 3 + ... . 

We can now derive the hazard function 
R ( t) = -log F ( t) 

by using the expansion of the logarithm function about 1: 

-log(l-x) = x - x£ + x^_ - ... . 

2 3 

Thus, R ( t ) = -log ( 1 - 3 (X t ) 2 + 5(Xt) 3 - ...) 

= 3 (X t) 2 - 5 (Xt) 3 + . . . . 

The first-order approximation, then, is 
R 1 ( t) = 3 (X t ) 2 . 



The direct method has two drawbacks. First, an explicit 
formulation of the system reliability function is required. 
Second, the exponentials must be expanded and the coeffi- 
cients of the various powers of Xt must be collected. 
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The indirect method of determining the first-order approxi- 
mation for the hazard function is based on the following line 
of reasoning: 

(1) Recall that K is the set of all cuts of the system, 
and that the elements of K are mutually exclusive. Also, be- 
cause of the assumption that component lifetimes are indepen- 
dent, the probability that the system is in the condition 
described by a cut equals the product of the probabilities 
that each component is in the state described by the cut. 

(2) The reliability function can be formulated as 

Pr (system is functioning) = 1 - Pr (system has failed) 



1 - £ Pr (system in condition x) . 

xeK 



(3) For any cut x of size s (size = no. failed comp.) 



p(x) = Pr (system in condition x) 

= (e- Xt ) n - s (l-e" Xt ) s . 

Consider the value of p(x) for small values of t 



lim p(x) 
t-*-0 




(r<s ) . 



But, lim (e 
t-*-0 



-Xtjn-s _ ^ 




lim t S r = 0 if r<s, 
t+0 



= 1 if r=s. 



Thus, when x is a cut of size s. 



For small values of t we have the approximation 
p ( x ) = (X t ) s . 

(4) Recall C is the number of cuts of size s, and m is 

s 

the smallest value of s such that C s >0. (m = system width.) 

F(t) = Pr (system is functioning) 

= 1 - l p(x) 
xeK 

= 1 - l C (X t ) s 
s=m 

= 1 - C (Xt) m . 
m 

(5) The first-order approximation for the system hazard 
function is derived from the foregoing approximation for the 
system reliability function. 

R ( t ) = -log F(t) 

= -log ( 1 - C (Xt) m ) 
m 

= C (Xt) m = R^t) where R^(t) is the first-order 
m 

approximation for the system hazard function. 

In summary, when all component failure rates are equal the 
first-order approximation for the system hazard function can 
be determined in three steps: 

a. Determine the system width, m. 

b. Determine the number of cuts of size m, C . 

m 

c. Calculate R‘*'(t) = C (Xt) m . 

m 

Example 3-2. Apply the foregoing method to the 2-out-of-3 
system. 

a. At least two components must fail for the system to 
fail, so the system width is two (m=2) . 
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3 . 



b. There are three cuts of size two, so C = 

m 

c. Consequently, R 1 (t) = C (At) m = 3(Xt)^. 

m 

When the component failure rates are not all equal the 

first-order approximation for the hazard function is derived 

by the same line of reasoning used in (1) through (5) above. 

The essential difference is in the form of p(x) . 

Let x be a cut of size s. Recall 0 (x) = {i:x^=0}, and 

K = {cuts of size s). By the assumption of independent com- 
s 

ponent lifetimes, 

-X . t -X . t 



p (x) = 


H e 1 


n ( 1-e 




i/0 (x) 


ieO (x) 


There are 


s elements 


in 0 (x) , so 



p (x) 

r 

t 



n e 

i^O (x) 



-X . t 
i 



n 

icO (x) 



H^) 



s-r 



and lim p(x) = 0 
t+0 r 

t = n 



r <s , 
r=s . 



ieO(x) 

Thus, for small t, p(x) = t S II 



X i * 



(r<s) , 



ieO (x) 

The system reliability function is approximated by 



F(t) = 1 - l p ( x ) 
xeK 

m 



i i - l t m n x . . 

xcK ieO(x) 1 
m 



The first-order approximation for the system hazard func- 
tion follows from 
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R ( t) = -log F ( t) 

= l t m n X . = R 1 (t) . 

xeK ieO(x) 1 
m 

In summary, when the component failure rates are not all 
equal the first-order approximation for the system hazard 
function can be determined in three steps: 

a. Determine the system width, m. 

b. For each cut x in calculate the product 

n X . t = t ra II X . . 
ieO(x) 1 ieO (x) 1 

c. The first-order approximation R^(t) is the sum of 

these products over all x in K , i.e., 

m 

R 1 (t) = t m £ n X • 
xeK^ ieO (x) x 

The following example illustrates the method. 



Example 3-3. Consider a 2-out-of-3 system with component fail- 
ure rates X,, X and X '. Recall that the cuts of the system 
12 3 

are : 



x 1 = 


(0 


,0 


, 0 ) , 


X 2 = 


(0 


,0 


,D , 


x 3 = 


(0 


,1 


, 0 ) , 


4 

and x = 


(1 


,0 


, 0 ) . 


Thus, K 2 


= 


{x 


2 , X 



The width of the system is m = 2. 



For each cut x in form the product II X -t: 

ieO(x) 

X * ^l^*" 

x 3 : X^X^t 2 

x 4 : X 2 * 3 t 2 . 
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Summing these products, 

R 1 (t) = t m l n X . 

xeK ieO (x) 1 
m 

= t 2 (X ^X 2 + A jX 3 + ^ 2^ 3^ * 

If the component failure rates had been equal, X^ = X^ = 
X ^ = X , then the above answer would reduce to 
R 1 ( t) = t 2 ( 3X 2 ) = 3 (X t ) 2 . 



The first-order approximation for the system hazard func- 
tion contains three approximations: 

(1) For any i-th component with constant failure rate X , 

i 

-X . t 

1 - e 1 = X . t . 

l 

(2) Pr(system has failed) = £ p(x). 

xeK 

m 

(3) -log (1-Pr (system has failed)) = Pr(system has failed). 

Approximation (1) has an error of less than 5% when 

X i t <_0 .10. This corresponds to a component reliability of 0.9 
or greater. 

The error in approximation (2) is directly related to the 
probability that the system fails due to a cut of size greater 
than system width m. The accuracy of approximation (2) suffers 
when relatively unreliable components are not in the failed 
component set for any cut of size m. When system reliability 
is greater than 0.95 the cuts of size m usually account for 
enough of the probability of system failure to make approxima- 
tion (2) acceptable. 

Approximation (3) has an error of less than 5% when system 
reliability is greater than 0.90. 
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As a rule of thumb we say that the first-order approxima- 
tion for the system hazard function is usually acceptable when 
all component reliabilities are greater than 0.9 and the sys- 
tem reliability is greater than 0.95. 
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IV. FIX-UP AND SECOND-ORDER APPROXIMATIONS 



In this section we develop methods for improving upon the 
first-order approximation for the system hazard function. 

The first method developed, the fix-up approximation, is not 
always a more accurate approximation than the first-order 
approximation, but it always errs on the "safe side." The 
other method developed, the second-order approximation, is 
always at least as accurate as the first-order approximation, 
in most cases it is significantly more accurate. 

A. THE FIX-UP APPROXIMATION 

The first-order approximation of the system hazard function 
may not be acceptable if comparatively "weak" components do not 
appear in any of the cuts of size m (m = system width) . The 
following example illustrates this situation and provides a 
heuristic approach to the fix-up approximation. 

Example 4-1. Consider the hydraulic pump system shown in Fig. 
3. 




Figure 3. Hydraulic Pump System - Physical Arrangement. 
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The upper branch functions if No. 1 functions. The lower 
branch functions if No. 2 functions and either No. 3 or No. 4 
functions. The system functions if either the upper or lower 
branch functions. 

The cut representation of the system is shown in Fig. 4. 




Figure 4. Hydraulic Pump System - Cut Representation. 



The first-order approximation for the system hazard func- 
1 2 

tion is R (t) = X X t . This completely ignores the failure 
rates of Nos. 3 and 4. If Nos. 3 and 4 are considerably less 
reliable than Nos. 1 and 2, the accuracy of the first-order 
approximation may not be acceptable. An obvious "fix-up" 
would be to get a first-order approximation based on the cut 
in which Nos. 1, 3 and 4 are failed, and add this to the pre- 
vious approximation, i.e., 



R F (t ) = R 1 ( t) + X 1 X 3 X 4 t 3 



= X X t 2 + X X X t 3 . 
12 13 1 



The "fix-up" approximation for the system hazard function, 
R (t) , shown in Example 4-1 is sometimes a simple method for 
improving the accuracy of the first-order approximation. It 
can be derived for any system in the following manner: 
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Identify all minimal cuts of the system. 



a . 

b. For any minimal cut x, let s (x) = size of x. 

c. Let K = {all minimal cuts}. 

M 

d. Then, R F (t) = £ t s ^ n . 

XeK M ieO(x) 

For illustration, apply these steps to Example 4-1: 

a. There are two minimal cuts, 
x 1 = (0,0, 1,1) , 

x 2 = (0,1, 0,0) . 

b. s(x^) = 2, and s(x 2 ) = 3. 

c. K = {x-^x 2 }. 

M 

d. R F ( t) = l t s(x) n X. 

xeK,, ieO (x) 1 

M 

= t 2 (A 1 X 2 ) + t 3 (X 1 X 3 X 4 ) 

= x 3 x 3 t 2 + X^X^X^t 3 . 



The rationale behind the fix-up approximation can be sum- 
marized in the following manner. We treat each minimal cut x 
as if the system width were s (x) . We then calculate the 
"contribution" of the minimal cut x to the first-order approxi- 
mation for the system hazard function, t s II X. . These 

ieO (x) 1 

contributions are summed over all minimal cuts, and the result 
is the fix-up approximation. 

The fix-up approximation for the system hazard function is 
always greater than the actual system hazard function, i.e., 

R F ( t ) >R ( t ) . 
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t 



Recall that all cuts of size m are minimal cuts, so K is 

' m 

a subset of K . Consequently, 

R F (t) = l t s(x) n X . > l t m n X. = R 1 ( t) . 

xeK ieO(x) 1 xeK ieO(x) 1 

M m 

In view of these inequalities the fix-up approximation is 
less accurate than the first-order approximation whenever the 
first-order approximation is "pessimistic" i.e., whenever 
R 1 (t) > R ( t ) . 

It is important to note that the fix-up approximation does 
provide an upper bound on the system hazard function and, 
therefore, it leads to a lower bound on system reliability. 

If errors of "optimism" are to be avoided, the fix-up approxi- 
mation has the virtue that any errors will be errors of 
"pessimism. " 

The methods for approximating the system hazard function 
shown in Ref. 3 give results which are equivalent to the fix- 
up approximation. (Unfortunately, these methods cannot be 
applied unambiguously to some systems, e.g., the 2-out-of-3 
system. ) 

B. THE SECOND-ORDER APPROXIMATION 

When component failure rates are constant it is always 
possible to express the system hazard function as a power 
series : 

oo 

R ( t) = l a.t j 

j = 0 3 

where a is a function of the component failure rates. It was 

j 



27 



shown in developing the first-order approximation that a^ = 0 
when j is less than the system width m. Consequently, the 
power series expansion of R(t) can be written: 



R ( t) = l a.t^ . 

j=m J 

The first-order approximation was simply the first term 

in the power series expansion of R(t), i.e., 

R 1 (t) = a t m 
m 



where a = £ II X . . 

m xeK ieO(x) 1 
m 



The second-order approximation for the system hazard func- 
tion, R (t) , consists of the first two non-zero terms of the 
power series expansion of R(t), i.e., 

R 2 (t) = a t m + a t ra+1 . 
m m+1 

One method for calculating the second-order approximation 

is the direct approach (see Example 3-1). To illustrate this 

method consider the system in Example 4-1. 

The system reliability function is 

-X t -X t _ X t -X t -X t - (X +X ) t 
F(t) = e ^ +(l-e ^ )e ^ (e ^ +e ’ -e 2 ^ ) . 

The direct approach consists of three steps: 

a. Expand the exponentials in F(t) using 

-v 2 ? 

e x = 1 - x + x_ - x_ + . . . . 

21 3 ! 

b. Collect terms in the expansion of F(t) according to 
powers of t. 
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c. Formulate the hazard function using 

-log(l-x) = x - x^ + x£ . 

2 3 



Applying these steps to the system in Example 4-1 results in 
the following power series expansion of the system hazard 
function : 



R ( t) = X X t" 
1 2 



(X ,X X -IX ,X _ (X +X ))t 3 + (terms of order t^) 

1349-12 1 2 



Consequently, the second-order approximation for the hazard 
function of this system is 

R2(t) = x ^ 2 t 2 + (X pX 3 X 4 -IX pX 2 (X i+X ^) ) t 3 ♦ 

Note that the second-order approximation in this example in- 
cludes the first-order and the fix-up approximations, i.e., 

R 2 ( t ) = X^t 2 + X 1 X 3 X 4 t3 ~ i X i A 2 (X l +X 2 ) t3 
= R 1 (t) + X X X t 3 - IX X (X +X ) t 3 

J . J 4 2 ± Z ± Z 

= R F ( t ) - IX X (X +X ) t 3 . 

2 1 2 -L 2 

The direct approach is a rather tedious method for calcu- 
lating the second-order approximation. In this section we 
develop a more efficient method. The development of this 
method uses the following line of reasoning: 

(1) We know that 

R (t ) = a t m + a ^.t m+X + (terms of order t m+2 ) . 

m m+i 

Suppose F(t) could be expressed as a power series of the 

form 

F (t ) = 1 - b t m - b 1 t m+1 + (terms of order t m+2 ) . 
m m +1 

Since mj>2 (we do not consider simple series systems) , we would 
have , 
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-log F (t) = -log (l-b m t m -b m+1 t m+1 + (terms of order t m+2 )) 

= b t m + b + (terms of order t m+2 ) . 

m m+1 

But, -log F(t) = R(t) , so corresponding terms of the power 

series expansion must be equal, i.e., 

a = b , 
m m 

a , = b 

m+1 m+1 

Consequently, we will have the desired second-order ap- 
proximation for the system hazard function if we can express 
F(t) in the form 

F(t) = 1 - a t m - a t m+ l + (terms of order t m+2 ) . 
m m+1 

(2) Ke know that 

F(t) = 1 - Pr(system has failed), 

and Pr (system has failed) = £ p(x). 

xeK 

So we would hope that T p(x) can be expressed in the form 

xeK 

7 p(x) = a t m + a t m+ ^ + (terms of order t m+2 ) . 
xeK m m+1 

Such an expression is possible if and only if for all cuts x 

in K there exist functions (of the component failure rates) 

d (x) and d , (x) such that 
m m+1 

p(x) = d (x) t m + d ,,(x)t m+1 + (terms of order t m+2 ) . 

^ m v m+1 

If for every cut x, p(x) can be expressed in the above form, 
then 
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F(t) = 1 - l p ( x ) 
xeK 

= 1 - I d m ( X )t”> - lj m+1 (x) t m+1 



xeK 



xeK 

+ (terms of order t m+2 ) , 



and R 2 ( t) = £ d m (x)t m + l d m+1 (x)t m+1 



m+1 



xeK xeK 

Thus we see that the problem of finding a second-order 
approximation for the system hazard function can be solved by 
finding a second-order approximation for p(x) for every cut 

x , i . e . , 



p(x) = d (x)t m + d , (x) t m+1 + (terms of order 
m m+1 



_m+2. 



= d_ ( x ) t m + d , (x) t 
m' m+1 



m+1 



(3) Under the assumptions that component failure rates 
are constant and component lifetimes are independent we have 
for any cut x: 

p(x) = Pr (system in condition x) 

-X . t -X . t 

= II e 1 II (l-e ) 

i/0 (x) ieO (x) 

The first product in p(x) can be expanded as follows: 

-X . t 

n e 1 = n ( 1 - X . t = . . . ) 

ijtO(x) i/0(x) 1 

= 1 - t £ X . + (terms of order t^) . 

i/0 (x) 1 

The second product in p(x) can be expanded as follows: 
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-X . t 

n (i— e ) = n (X . t — i^x • t) ^ • • • ) 

ieO (x) ieO (x) 1 2 1 



= n 



x . t 



ieO(x) i 



1( n X it) ( I x.t) + 
7 ieO(x) ieO(x) 



- 4-S 



t s n x . [i-i l x.t 

ieO(x) 1 2 ieO(x) 1 



+(terms of order t z ) ] 



where s = the size of the cut x. 

Multiplying these expansions of the products in p(x), we have 

p ( x ) = [i-t l x. + ...]»t s n Xiti-it l x. + ...] 

i^O(x) ieO(x) 2 ieO(x) 



= t s n x i [ i - (1 l x ± + l x . ) t 

ieO(x) 2 ieO(x) i^O(x) 

2 

+( terms of order t )] 
Thus, for any cut x size s we have 

p(x) = d s (x) t s + (x) t s+ ^ + (terms of order t s+ ^) 



where d (x) = II X - 
ieO(x) 

and d_ + 1 (x) =- n X . [1 l X • + l X ]. 

ieO(x) 2 ieO(x) i^O(x) 

Summing p(x) over all cuts according to size we have: 
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I p(x) 

xeK 



I [a»Wt m td. i ,(x)t 

xeK 



m+1 



m 



+ (terms of order t m+2 ) ] 



+ 



£ [d m+1 (x)t m+ + (terms of order t ra+2 ) ] 



xeK. 



m+1 



+ £ (terms of order t m+2 ) 
xeK . 

3 

j>m+2 



= I 



xeK 



d m (x)t 



m 



m 



+ [ I d m+l (x) + l d m+l (x)]t 
xeK m xeK m+l 

+ (terms of order t m+ ^) 



m+1 



(4) As was shown in (2) , the above expansion of £ p(x) 

xeK 

leads immediately to the second-order approximation for the 
hazard function, i.e., 

R2(t ) = l d (x)t m .+ [ l d +1 (x) + l d +1 (x)l tm+1 
xeK m xeK m xeK m+l 

where 



d (x)t m = t m l n \- 

xeK m xeK ieO (x) ' 

m m 

l a ! (x) - I - n Xi [i l + l x ± ] 

xeK xeK_ ieO(x) ? ieO(x) i^O(x) 

mm 

l d m+1 (x) -l n Xj. 

xeK m+l xeK m+l ic0(x) 

This form of the second-order approximation has the follow- 
ing properties: 

a. Only cuts of size m and size m+1 need be considered. 

b. The first term of the second-order approximation is 
the first-order approximation, i.e.. 
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I a m (x)t m = r 1 ct) . • 
xeK m 

c. It is equivalent to the approximation that would result 
from using the direct approach. 

The following example illustrates the calculation of the 
second-order approximation and points out a computational 
shortcut . 

Example 4-2. Calculate the second-order approximation for the 
system described in Example 4-1. 

(a) System width is m = 2. 

(b) There is one cut of size 2: x 3 = (0,0, 1,1). 

So, K 2 = {x 1 }. 

(c) There are three cuts of size 3: 
x 2 = (0,1, 0,0), 

x 3 = (0,0, 1,0) , 
x 4 = (0,0, 0,1) . 

So, K 3 = {x 2 ,x 3 ,x 4 }. 

(Note that x 2 is a minimal cut but x 3 and x 4 are not minimal 
cuts . ) 

(d) Calculate l d^xjt™ . 

xeK 

m 

£ d 2 (x)t 2 = d 2 (xMt 2 = t 2 II = A-^A 2 t 2 ’ 

xeK 2 ieO (x 1 ) 

(e) Calculate l d m+ i( x ) tm+1 • We wil1 carry out this 

xeK m 

calculation in two parts: 

7 - n A. [1 l A .]t 3 = -1A A (A + A )t 3 . 

xeK 2 ie0(x) 2 ie0(x) 1 2 j. z j. 
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I 

xel<2 



n x ± t l x.]t 3 

ieO(x) i^O(x) 



x i\ 2 x 3 t 3 - x x x 2 x 4 t- 



(The latter pair of terms will be cancelled when we con- 
sider the cuts in K m+ -^ which are not minimal cuts.) 

(f) Calculate Y d (x)t m+ ^ . 

L „ m+j. 

xeK m+l 

d 3 (x 2 )t 3 = X 1 X 3 X 4 t 3 , 
d 3 (x 3 )t 3 = X 1 X 2 X 4 t 3 , 
d 3 (x 4 )t 3 = X 1 X 2 X 3 t 3 . 



(The last two terms will cancel terms from (e).) 

(g) Sum the results of (d) , (e) , and (f) . 

r 2 (t) = x 1 x 2 t 2 - ix 1 x 2 (x 1 +x 2 ) t 3 + x 1 x 3 x 4 t 3 . 

In the foregoing example the terms -d 3 (x 3 )t 3 and -d 3 (x 4 )t 3 
appear in the term d 3 (x 3 )t 3 . This is a consequence of the fact 
that x^ is contained in both x 3 and x 4 , i.e., O(x^) is a 
proper subset of both 0(x 3 ) and 0(x 4 ). We formalize this re- 
sult in the following manner: 

For each cut x* of size m+1, let v(x*) be defined as the 
number of cuts of size m which are contained in x*. The term 

d m+ i (x* ) t m+ ^ will appear in \ <3 m+l^ x ^ tm+ ^ w ith the coefficient 

xeK m 

-v(x*). Consequently, the term d m+ \ ( x * ) t m+ ^ will appear in 

O £ 

R (t) with the coefficient 1-v (x ), and this is true for each 
cut x* of size m+1. Thus we may rewrite R 2 (t) in the form 
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R 2 (t) = l d m (x)t m - 1 l d (x) [ l X ] t m+1 

xEK^ 2 x£K m ieO(x) 

+ l <l-v(x))d +1 (x)t ra+1 , 
xeK m+l 

Thus, the second-order approximation for the system hazard 
function can be calculated using the following method: 

(a) Determine the system width m. 

(b) Identify each cut of size m. 

(c) For each cut of size m compute: 

(1) d m (x) = n X ± , 

ieO (x) 

( 2 ) l . 

ieO (x) 

(d) Identify each minimal cut of size m+1, and compute 

d , , (x) = II X • . (Note that v(x) = 0 for minimal 

m ieO(x) 1 

cuts . ) 

(e) Every non-minimal cut of size m+1 contains at least 
one cut of size m, i.e., v(x)>.l. Identify those non- 
minimal cuts of size m+1 which contain more than one cut 
of size m, and compute (1-v (x) ) d m+ -^ (x) for each of these. 
(If we miss some terms here, the error is usually small and 
always on the "safe side.") 

(f) Use the terms calculated in (c) , (d) and (e) to 

calculate R^(t). 

The following example illustrates the method. 

Example 4-3. In the system discussed in Example 4-1 place an- 
other pump, No. 5, in series with No. 1. The resulting system 
is shown in Fig. 5. 
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Figure 5. Pump System - Physical Arrangement. 



The second-order approximation for the system hazard 
function is calculated as follows: 

(a) At least two pumps must fail in order for the sys- 
tem to fail, so m = 2. 



(b) The cuts of size 2 are: 



x 1 = (0,0, 1,1,1) 
x 2 = (1,0, 1,1,0) 
(c) d 2 (x 1 ) = X 2 



d 2 (x 2 ) = X 2 X 5 



(d) 



(Nos. 1 and 2 have failed) 
(Nos. 2 and 5 have failed) 



l , 

ieO (x 1 ) 



- x 1 + x 2 



l o X i~ X 2 +X 5 

ieO (x 2 ) b 



There are two minimal cuts of size m+1 = 3: 
x 2 = (0,1,0, 0,1) (Nos. 1, 3 and 4 have failed) 

x 4 = (1,1, 0,0,0) (Nos. 3, 4 and 5 have failed). 

d 3 (x 3 ) = A 1 X 3 X 4 

a 3 (x 4 ) = x 3Vs 

(e) The cut x 3 = (0,0, 1,1,0) contains both x^ and x 2 , 
i.e., ©(x 1 ) = (1, 2} 

0 (x 2 ) = (2, 5} 



and both of these are proper subsets of 0(x 2 ) = {1, 2, 5}. 
So, v(x 2 ) = 2, 

_ and (l-v(x 5 ) )d 3 (x 5 ) = - X 2 X 5 . 
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All other non-minimal cuts of size 3 contain only one cut 
of size 2, i.e., l-v(x) = 0. 

(f) Using the terms from (c) , (d) and (e) we have 

R 2 ( t ) = (X 1 X 2 +X 2 X 5 ) t 2 - 1[X 1 X 2 (X 1 +X 2 ) + X 2 X 5 (X 2 +X 5 ) ] t 3 

t (X ^X ^X ^ tX ^X ^X X ^ ) t • 

The most difficult task in formulating the second-order 
approximation is the identification of the non-minimal cuts 
of size m+1 which contain more than one cut of size m. Aside 
from this difficulty the second-order approximation is con- 
ceptually no more difficult than the fix-up approximation. 

Hand calculating the second-order approximation may be rela- 
tively tedious. Whether increased accuracy is worth extra 
effort is a difficult question in almost any context; we only 
note that in many cases the error of the second-order approxi- 
mation is less than one-tenth the error of the fix-up 
approximation . 



38 



LIST OF REFERENCES 



1. Birnbaum, Z. W., Esary, J. D. , and Marshall, A. W., 

"A Stochastic Characterization of Wear-Out for Compo- 
, nents and Systems," Ann. Math. Statist., v. 37, 
p. 816-825, 1966. 

2. Esary, J. D. , Marshall, A. W., and Proschan, F., "Deter- 

mining an Approximate Constant Failure Rate for a System 
Whose Components Have a Constant Failure Rate," in 
Operations Research and Reliability , D. Grouchko (ed.), 
Gordon and Breach, 1971. 

3. Guide Manual for Reliability Measurement Program, NAVWEPS 

OD 29304, United States Navy, 15 May 1965. 



39 



INITIAL DISTRIBUTION LIST 



No. 



1. Defense Documentation Center 
Cameron Station 
Alexandria, Virginia 22314 

2. Library, Code 0212 
Naval Postgraduate School 
Monterey, California 93940 

3. Assoc Professor J. D. Esary, Code 55 Ey 
Department of Operations Analysis and 

Administrative Sciences 
Naval Postgraduate School 
Monterey, California 93940 

4. LCDR W. J. Hayne, USN 
350 Rose Lane 

St. Paul, Minnesota 55117 

5. Department of Operations Analysis and 

Administrative Sciences, Code 55 
Naval Postgraduate School 
Monterey, California 93940 

6. Professor D. P. Gaver, Code 55 Gv 
Associate Chairman for Research 
Department of Operations Research and 

Administrative Sciences, 

Naval Postgraduate School 
Monterey, California 93940 

7. CDR Richard Franzen, USN (SP-1141) 

Chief of Naval Operations 
Building 3, Crystal Mall 
Washington, D.C. 20370 

8. Mr. Seymour M. Selig 
Office of Naval Research 
Arlington, Virginia 22217 

* 

9. Chief of Naval Personnel (Pers 11-B) 
Department of the Navy 
Washington, D.C. 20370 



Copies 

2 

2 

1 

1 



1 



6 

1 

1 



40 



10 . 



No. 



Professor Sam C. Saunders 
Department of Mathematics 
Washington State University 
Pullman, Washington 

11. Professor A. W. Marshall 
Department of Statistics 
University of Rochester 
Rochester, N.Y. 14627 

12. Professor Z. W. Birnbaum 
Department of Mathematics 
University of Washington 
Seattle, Washington 98105 

13. Professor R. E. Barlow 
Department of Industrial Engineering 

and Operations Research 
University of California 
Berkeley, California 94720 

14. Professor Ernest M. Scheuer 
Management Science Department 
San Fernando State College 
Northridge, California 91320 

15. Professor Frank Proschan 
Department of Statistics 
The Florida State University 
Tallahassee, Florida 32306 



Copies 

1 

1 

1 

1 

1 

1 



41 



Unclassified 



Socuntv Classi fication 



DOCUMENT CONTROL DATA • R & D 

; Security classification of title, bodv of abstract and indexing annotation must be entered when the overall report is classified) 



i originating activity ( Corporate author) 

Naval Postgraduate School 
Monterey, California 93940 



2a. REPORT SECURITY CLASSIFICATION 

Unclassified 



2b. GROUP 



3 REPOR T TITLE 



APPROXIMATIONS FOR THE SYSTEM HAZARD FUNCTION 



4 DESCRIPTIVE NOTES ( Type of report and, inclusive dates) 

Master's Thesis; March 1972 



S au ThOR Si (First name, middle initial, last name) 



William John Hayne 

Lieutenant Commander, United States Navy 



6 REPOR T DATE 

March 1972 



6« CONTRACT OR GRANT NO 



b. PROJEC T NO 



7*. TOTAL NO. OF PAGES 

43 



7b. NO. OF REFS 

3 



9a. ORIGINATOR'S REPORT NUMBERlSj 



9b. OTHER REPORT NOtS) (Any other numbers that may be assigned 
this report) 



10 DISTRIBUTION STATEMENT 



Approved for public release; distribution unlimited. 



i i supplementary notes 



12 SPONSORING MILITARY ACTIVITY 



Naval Postgraduate School 
Monterey, California 93940 



13 AB5TR AC T 



Methods for approximating the system hazard function are developed 
for systems which have constant component failure rates. The approxi- 
mations are applicable to systems which are "highly reliable," e.g., 
all component reliabilities greater than 0.9 and system reliability 
greater than 0.95. 

Three approximations are developed. The first-order approximation 
is based on the system cuts of least size (smallest cuts). The fix-up 
approximation is based on the minimal cuts of the system and is an 
extension of the methods used in NAVWEPS OD 29304. The second-order 
approximation is a more accurate extension of the first-order 
approximation . 

The advantages peculiar to each of these approximations are: 

(1) first order: easy to calculate, 

(2) fix-up: never leads to an overestimate of system reliability, 

(3) second-order: relatively more accurate. 



DD, 



F0RM (page n 

NOV It I T / U 

S/N 0101 -807-681 1 



Unc] ass i f ied 



42 



Security Classification 



4-31406 



Unclassified 



Security Classification 





LINK A 


LINK B 


LINK C 


. 


K E Y WO R O 3 


ROLE 


W T 


ROLE 


W T 


ROLE 


W T 


Reliability 

Hazard Function Approximation 















iD .””,1473 (back) Unclassified 

■« ^3 Security Classification »-3H0i 



thesH4065 

Approximations for the system hazard fun 




2768 001 02071 



DUDLEY KNOX LIBRARY 



